The DevOps Threats Unwrapped report conducted by the GitProtect research team recently concluded that there were a total of 502 incidents in the past year, with 48 of them being categorized at the highest risk level. These incidents resulted in a staggering total of 955 hours of major and critical disruptions, equivalent to 120 business days. The report shed light on the severity of security breaches in the DevOps landscape, emphasizing the need for heightened cybersecurity measures.
One of the significant incidents that highlighted the vulnerability of organizations to cyber threats was the Crowdstrike-Microsoft breach in 2024. This breach resulted in $5.4 billion in damages and impacted 8.5 million Windows devices globally, showcasing the devastating impact of security breaches on organizations.
The report highlighted a concerning trend of increased attacks targeting SaaS applications and DevOps tools, which is expected to accelerate in 2025. GitProtect.io, a leading DevOps backup and disaster recovery vendor, released the latest edition of The DevOps Threats Unwrapped study, focusing on analyzing incidents on platforms such as GitHub, GitLab, Bitbucket, Jira, and Azure DevOps.
In 2024, DevOps faced 502 incidents across these platforms, with 48 incidents classified as high risk. The disruptions resulted in a total of 955 hours of downtime, equivalent to nearly 120 working days in a year. These disruptions varied across platforms, with GitHub, Bitbucket, Jira, Azure DevOps, and GitLab experiencing different levels of incidents and disruptions.
Apart from service disruptions, the report highlighted other prevalent threats to DevOps continuity and data integrity, including hardcoded secrets, unsecured databases, repo jacking, intrusions in the software supply chain, AI-generated threats, and various human errors. Several prominent organizations, including Mercedes, New York Times, Schneider Electric, Cisco, Chinese Ministry of Public Security, and Cloudflare, experienced hacking incidents or data breaches in their DevOps tools.
The report also pointed out that the top three impacted industries were Technology and Software, Fintech/Banking, and Media and Entertainment. Additionally, healthcare, government entities, telecommunications, and manufacturing sectors were also affected by cybersecurity incidents.
In response to the growing threat landscape, SaaS vendors are emphasizing the shared responsibility model, which entails shared cybersecurity responsibilities between the vendor and the customer. The report stressed the importance of user education and awareness regarding data security and backup practices.
Moreover, compliance and regulatory requirements are gaining traction, with frameworks like Digital Operational Resilience Act (DORA), NIS 2, SOC 2, HIPAA, and other security acts mandating robust data protection measures, including backups of DevOps tools.
Looking ahead to 2025, the report provided actionable insights and forecasts to empower organizations to enhance their data security strategies in the face of evolving cyber threats. It emphasized the importance of prioritizing backup of SaaS applications and compliance with security standards to mitigate cybersecurity risks effectively.